diff options
author | Sylvain Beucler <beuc@beuc.net> | 2022-02-05 23:01:42 +0100 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2022-02-05 23:01:42 +0100 |
commit | bb6c1796fc38db8d7c786bfe5de207e12db9f690 (patch) | |
tree | 70cac92ab9af2e2b5506f40d4e8bb6e595e82d38 /data | |
parent | 6323ba4697455d52aa84b0df684f204bf390f28f (diff) |
CVE-2022-21704/node-log4js, CVE-2021-3803/node-nth-check, CVE-2021-33623/node-trim-newlines: stretch end-of-life
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list.2021 | 2 | ||||
-rw-r--r-- | data/CVE/list.2022 | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index a59b30a5dd..a7761bb386 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -14208,6 +14208,7 @@ CVE-2021-41079 (Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 NOTE: https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822 (8.5.64) CVE-2021-3803 (nth-check is vulnerable to Inefficient Regular Expression Complexity ...) - node-nth-check 2.0.1-1 + [stretch] - node-nth-check <end-of-life> (Nodejs in stretch not covered by security support) NOTE: https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726 (v2.0.1) NOTE: https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0/ NOTE: https://github.com/advisories/GHSA-rp65-9cf3-cjxr @@ -32007,6 +32008,7 @@ CVE-2021-33624 (In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a b NOTE: https://www.openwall.com/lists/oss-security/2021/06/21/1 CVE-2021-33623 (The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.j ...) - node-trim-newlines 3.0.0+~3.0.0-1 + [stretch] - node-trim-newlines <end-of-life> (Nodejs in stretch not covered by security support) NOTE: https://github.com/advisories/GHSA-7p7h-4mm5-852v CVE-2021-33622 (Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, h ...) - singularity-container <unfixed> (bug #990201) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 4a6b742135..5b6baddb20 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -7250,6 +7250,7 @@ CVE-2022-21704 (log4js-node is a port of log4js to node.js. In affected versions - node-log4js 6.4.1+~cs8.3.5-1 [bullseye] - node-log4js <no-dsa> (Minor issue) [buster] - node-log4js <no-dsa> (Minor issue) + [stretch] - node-log4js <end-of-life> (Nodejs in stretch not covered by security support) NOTE: https://github.com/log4js-node/log4js-node/pull/1141 (v6.4.1) NOTE: https://github.com/log4js-node/streamroller/pull/87 NOTE: https://github.com/log4js-node/log4js-node/security/advisories/GHSA-82v2-mx6x-wq7q |